Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/BZx5KqCecNBpVNrxoeja3sjR74Q.roa
File: BZx5KqCecNBpVNrxoeja3sjR74Q.roa (raw, json)
Hash identifier: CExICkUqPW5IlqfdNaa+TIHueG5QxQyTc0B4cHXau1w=
Subject key identifier: 05:9C:79:2A:A0:9E:70:D0:69:54:DA:F1:A1:E8:DA:DE:C8:D1:EF:84
Certificate issuer: /CN=d17bf4fbea894f43eeb3db1b216e57766e01ab81
Certificate serial: 0181D3E3291A87684B53A9B9ACEFF81DA932
Authority key identifier: D1:7B:F4:FB:EA:89:4F:43:EE:B3:DB:1B:21:6E:57:76:6E:01:AB:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/BZx5KqCecNBpVNrxoeja3sjR74Q.roa
Signing time: Wed 06 Jul 2022 14:21:28 +0000
ROA not before: Wed 06 Jul 2022 14:21:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205334
IP address blocks: 185.211.41.0/24 maxlen: 24
185.193.172.0/24 maxlen: 24
185.193.175.0/24 maxlen: 24
185.193.174.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d3:e3:29:1a:87:68:4b:53:a9:b9:ac:ef:f8:1d:a9:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d17bf4fbea894f43eeb3db1b216e57766e01ab81
Validity
Not Before: Jul 6 14:21:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=059c792aa09e70d06954daf1a1e8dadec8d1ef84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c2:a6:1c:13:00:3d:ea:9d:31:bf:02:e5:f8:
af:2a:79:9b:51:c7:72:d4:02:5f:5e:ad:8c:86:18:
9e:c9:7c:dc:69:ca:43:8e:38:0e:5d:6a:80:07:ef:
3a:67:8d:6a:3c:4d:a8:fc:fa:9e:45:05:0e:60:4c:
a4:50:3b:a6:1c:b0:e8:d3:7a:7e:06:dc:83:c7:3e:
32:52:50:7d:ad:79:c9:b6:7e:8a:16:32:49:3b:d4:
6c:e3:b3:d0:2e:4e:f1:35:db:a5:8d:ca:0b:4c:20:
06:5a:62:b4:1d:b3:12:30:2d:95:71:31:a0:05:d1:
c9:7a:ae:0c:71:24:32:55:71:00:20:9d:4b:3b:10:
f5:8d:e8:36:e9:19:bd:d2:51:05:00:14:1f:33:f6:
ca:d7:cd:95:4d:14:59:37:6b:ed:12:b9:ed:49:16:
e3:a3:70:cc:5f:45:fa:9b:43:61:1a:c2:49:e2:0c:
4c:33:b7:6e:0e:4a:4d:70:66:45:24:60:50:25:a2:
44:bc:d2:f2:c5:83:4d:d4:9b:1c:8e:3a:cf:19:1c:
04:e7:72:81:5e:97:88:4c:fc:39:7f:cc:fb:f5:a9:
6e:24:1e:4a:e1:de:c9:9f:a9:62:23:f1:51:29:c9:
b7:6d:62:0d:2b:d4:25:5d:71:92:f2:5a:47:3b:e4:
c0:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:9C:79:2A:A0:9E:70:D0:69:54:DA:F1:A1:E8:DA:DE:C8:D1:EF:84
X509v3 Authority Key Identifier:
keyid:D1:7B:F4:FB:EA:89:4F:43:EE:B3:DB:1B:21:6E:57:76:6E:01:AB:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/BZx5KqCecNBpVNrxoeja3sjR74Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.193.172.0/24
185.193.174.0/23
185.211.41.0/24
Signature Algorithm: sha256WithRSAEncryption
35:a5:97:03:55:8f:a7:69:eb:2f:5e:24:26:79:50:06:f1:7c:
5f:f1:a5:4e:8a:8b:3e:70:2c:6c:5a:e7:05:5c:82:a5:7d:24:
76:14:fe:6d:d9:03:d2:cc:77:a2:e9:22:7d:ce:ea:bf:f4:ae:
b9:a3:e1:98:33:23:e1:7a:0f:c8:e2:19:8e:1c:ff:e0:9a:bc:
62:b8:fe:32:e0:62:4c:69:31:11:54:9c:df:1a:50:d1:d6:9d:
bf:43:40:94:64:bf:84:e6:e7:cd:e8:ee:74:f3:83:27:20:c4:
4e:98:c9:a7:77:56:e3:26:c3:9b:b1:24:25:23:7f:55:ce:a9:
60:2d:cf:67:7b:34:d5:18:53:da:50:70:7b:b4:43:12:00:22:
bd:c5:82:3b:47:14:28:f3:40:25:f5:34:77:c7:58:f6:9f:e3:
4d:18:ba:dc:ed:aa:79:67:61:b7:8d:bc:90:99:5b:c3:bb:fc:
bf:1c:15:20:6e:0f:fd:ee:49:34:be:cd:4e:1c:64:dc:7f:93:
8c:7f:92:42:28:48:ba:a9:55:fc:91:81:14:53:85:bc:3b:21:
70:ce:6e:05:aa:62:8e:25:b3:d4:1a:4d:08:87:41:c4:e6:50:
dd:80:36:d2:9f:54:11:b2:83:2f:b9:9c:90:63:b9:ec:58:b1:
38:04:a3:2f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYHT4ykah2hLU6m5rO/4HakyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxN2JmNGZiZWE4OTRmNDNlZWIzZGIxYjIxNmU1Nzc2NmUw
MWFiODEwHhcNMjIwNzA2MTQyMTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTljNzkyYWEwOWU3MGQwNjk1NGRhZjFhMWU4ZGFkZWM4ZDFlZjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsKmHBMAPeqdMb8C5fivKnmbUcdy
1AJfXq2MhhieyXzcacpDjjgOXWqAB+86Z41qPE2o/PqeRQUOYEykUDumHLDo03p+
BtyDxz4yUlB9rXnJtn6KFjJJO9Rs47PQLk7xNduljcoLTCAGWmK0HbMSMC2VcTGg
BdHJeq4McSQyVXEAIJ1LOxD1jeg26Rm90lEFABQfM/bK182VTRRZN2vtErntSRbj
o3DMX0X6m0NhGsJJ4gxMM7duDkpNcGZFJGBQJaJEvNLyxYNN1JscjjrPGRwE53KB
XpeITPw5f8z79aluJB5K4d7Jn6liI/FRKcm3bWINK9QlXXGS8lpHO+TA1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAWceSqgnnDQaVTa8aHo2t7I0e+EMB8GA1UdIwQY
MBaAFNF79PvqiU9D7rPbGyFuV3ZuAauBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFh2MC0tcUpUMFB1czlzYklXNVhkbTRCcTRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80MjE1MjktNzNlMi00OTE2LThiZDIt
MmMyMDFkMzBhZTA1LzEvQlp4NUtxQ2VjTkJwVk5yeG9lamEzc2pSNzRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80MjE1MjktNzNlMi00OTE2LThiZDItMmMyMDFkMzBhZTA1
LzEvMFh2MC0tcUpUMFB1czlzYklXNVhkbTRCcTRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAucGsAwQB
ucGuAwQAudMpMA0GCSqGSIb3DQEBCwUAA4IBAQA1pZcDVY+naesvXiQmeVAG8Xxf
8aVOios+cCxsWucFXIKlfSR2FP5t2QPSzHei6SJ9zuq/9K65o+GYMyPheg/I4hmO
HP/gmrxiuP4y4GJMaTERVJzfGlDR1p2/Q0CUZL+E5ufN6O5084MnIMROmMmnd1bj
JsObsSQlI39VzqlgLc9nezTVGFPaUHB7tEMSACK9xYI7RxQo80Al9TR3x1j2n+NN
GLrc7ap5Z2G3jbyQmVvDu/y/HBUgbg/97kk0vs1OHGTcf5OMf5JCKEi6qVX8kYEU
U4W8OyFwzm4FqmKOJbPUGk0Ih0HE5lDdgDbSn1QRsoMvuZyQY7nsWLE4BKMv
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:19 2025 by rpki-client